Added note to releases/1.4.txt about contrib.auth user password hash-upgrade sequence. Thanks, ericholscher

git-svn-id: http://code.djangoproject.com/svn/django/trunk@17687 bcc190cf-cafb-0310-a4f2-bffc1f526a37
This commit is contained in:
Adrian Holovaty 2012-03-12 20:14:58 +00:00
parent dd246a62c7
commit ebc6fc9354
1 changed files with 11 additions and 0 deletions

View File

@ -777,6 +777,17 @@ instance:
* Time period: The amount of time you expect user to take filling out * Time period: The amount of time you expect user to take filling out
such forms. such forms.
* ``contrib.auth`` user password hash-upgrade sequence
* Consequences: Each user's password will be updated to a stronger password
hash when it's written to the database in 1.4. This means that if you
upgrade to 1.4 and then need to downgrade to 1.3, version 1.3 won't be able
to read the updated passwords.
* Remedy: Set :setting:`PASSWORD_HASHERS` to use your original password
hashing when you initially upgrade to 1.4. After you confirm your app works
well with Django 1.4 and you won't have to roll back to 1.3, enable the new
password hashes.
django.contrib.flatpages django.contrib.flatpages
~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~~~~~~~~~